Vulnerabilities > Sysaid > Sysaid > 22.1.64
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-25 | CVE-2023-47247 | Unspecified vulnerability in Sysaid In SysAid On-Premise before 23.3.34, there is an edge case in which an end user is able to delete a Knowledge Base article, aka bug 15102. | 4.3 |
2023-11-24 | CVE-2023-33706 | Authorization Bypass Through User-Controlled Key vulnerability in Sysaid SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp. | 6.5 |